1. Field
The following description relates to a computer system and method for preventing a Dynamic-Link Library (DLL) injection attack.
2. Description of Related Art
Conventional antivirus products examine patterns of virus codes inside libraries based on a virus' signature, determine whether an attack by a virus code occurs, and attempt to prevent the attack from occurring in the future. Accordingly, conventional antivirus products contain a database that includes only viruses that have already been found and that are already known. Thus, it is inevitable that the database of the conventional antivirus products will need to be updated with information about newly found viruses. For example, if a database has not been updated with information pertaining to a newly found virus, an antivirus program will not be able to recognize or respond to a new malicious code of the newly found virus, even though the new malicious code has previously been encountered.
Therefore, there is a demand for a system and method for efficiently preventing a Dynamic-Link Library (DLL) injection attack.